6. INTRODUCTION - WAF TODAY?
WAF deployments were initially propelled by PCI ......... but are now increasingly driven by security best practices.
Source: Forrester 2010
Thursday 20 May 2010
13. STARTING OUT - RESEARCH
Research -> knowledge & understanding
14. STARTING OUT - STATISTICS
6.5 times more expensive to fix a flaw in development than during design, 15 times more in testing, and 100 times more in development.
Source: http://2010survey.whitehatimperva.com/
15. STARTING OUT - INTERNAL SELL (1)
Technical issues in business language (e.g. just-in-time patching)
and a bit of
16. STARTING OUT - INTERNAL SELL (2)
Know your costs
Advantages over cheaper alternatives!
17. STARTING OUT - INTERNAL SELL (4)
There is a disconnect between the acknowledgement of security issues and the willingness to fix them.
Source: The HP Security Laboratory Blog
18. STARTING OUT - INTERNAL SELL (4)
Do not oversell
WAF != unhackable
29. TEST - POLICY
Administration Policy
Who has access?
Delegation?
Change Management - different?
Incident Response Plan?
What is an Incident?
41. RESOURCES
SANS Reading Room (Scareware via Web App exploit)
SANS, OWASP, WebAppSec
Web 2.0 -> Blogs, Twitter
Vendor Sites
42. CONCLUSION - WAF
Extra layer of defence, but also extra administration
Can be an excellent and effective solution
Is it what I need?
Only a part of defence-in-depth!!!!